+%%%--------------------------------------------------------------------------
+%%% The main bibliography.
+
+@InProceedings{abdalla-2001:dhies,
+ author = "Michel Abdalla and Mihir Bellare and Phillip Rogaway",
+ title = "{DHIES}: An Encryption Scheme Based on the
+ {Diffie--Hellman} Problem",
+ year = 2001,
+ crossref = "Naccache:2001:TCC",
+ url = "http://www-cse.ucsd.edu/users/mihir/papers/dhies.html"
+}
+
+@InProceedings{alexander-goldberg-2007:improved-user-authn-otr,
+ author = "Chris Alexander and Ian Goldberg",
+ title = "Improved user authentication in off-the-record messaging",
+ booktitle = "WPES",
+ year = 2007,
+ pages = "41--47",
+ ee = "http://doi.acm.org/10.1145/1314333.1314340",
+ url = "http://www.cypherpunks.ca/~iang/pubs/impauth.pdf",
+ crossref = "DBLP:conf/wpes/2007",
+ bibsource = "DBLP, http://dblp.uni-trier.de"
+}
+
+@InProceedings{bellare-2004:eax,
+ author = "Mihir Bellare and Phillip Rogaway and David Wagner",
+ title = "The {EAX} Mode of Operation",
+ booktitle = "FSE",
+ year = 2004,
+ editor = "Bimal K. Roy and Willi Meier",
+ volume = 3017,
+ series = "Lecture Notes in Computer Science",
+ pages = "389--407",
+ publisher = "Springer",
+ bibdate = "2004-07-29",
+ bibsource = "DBLP,
+ http://dblp.uni-trier.de/db/conf/fse/fse2004.html#BellareRW04",
+ booktitle = "Fast Software Encryption, 11th International Workshop,
+ {FSE} 2004, Delhi, India, February 5-7, 2004, Revised
+ Papers",
+ isbn = "3-540-22171-9",
+ url = "http://www.cs.berkeley.edu/~daw/papers/eax-fse04.ps"
+}
+
+@InProceedings{bellare-rogaway-1993:random-oracles,
+ author = "Mihir Bellare and Phillip Rogaway",
+ title = "Random oracles are practical",
+ booktitle = "Proceedings of the First Annual Conference on Computer and
+ Communications Security",
+ year = 1993,
+ pages = "62--73",
+ organization = "{ACM}",
+ url = "http://www-cse.ucsd.edu/users/mihir/papers/ro.html"
+}
+
+@InProceedings{bellare-rogaway-2006:security-triple-encryption,
+ author = "Mihir Bellare and Phillip Rogaway",
+ title = "The Security of Triple Encryption and a Framework for
+ Code-Based Game-Playing Proofs",
+ booktitle = "Advances in Cryptology - {EUROCRYPT} 2006, 25th Annual
+ International Conference on the Theory and Applications of
+ Cryptographic Techniques, St. Petersburg, Russia, May 28 -
+ June 1, 2006, Proceedings",
+ year = 2006,
+ editor = "Serge Vaudenay",
+ volume = 4004,
+ series = "Lecture Notes in Computer Science",
+ pages = "409--426",
+ publisher = "Springer",
+ note = "Proceedings version of \cite{cryptoeprint:2004:331}",
+ bibdate = "2006-07-05",
+ bibsource = "DBLP,
+ http://dblp.uni-trier.de/db/conf/eurocrypt/eurocrypt2006.html#BellareR06",
+ isbn = "3-540-34546-9"
+}
+
+@InProceedings{bernstein-2005:poly1305,
+ author = "Daniel J. Bernstein",
+ title = "The Poly1305-AES Message-Authentication Code",
+ booktitle = "Fast Software Encryption: 12th International Workshop,
+ {FSE} 2005, Paris, France, February 21-23, 2005, Revised
+ Selected Papers",
+ year = 2005,
+ pages = "32--49",
+ crossref = "DBLP:conf/fse/2005",
+ url = "https://doi.org/10.1007/11502760_3",
+ doi = "10.1007/11502760_3",
+ timestamp = "Tue, 30 May 2017 16:36:53 +0200",
+ biburl = "http://dblp.uni-trier.de/rec/bib/conf/fse/Bernstein05",
+ bibsource = "dblp computer science bibliography, http://dblp.org"
+}
+
+@Misc{bernstein-2005:salsa20,
+ author = "Daniel J. Bernstein",
+ title = "{Salsa20} Specification",
+ howpublished = "Submission to the ECRYPT Stream Cipher project (eSTREAM)",
+ month = apr,
+ year = 2005,
+ url = "https://cr.yp.to/snuffle/spec.pdf"
+}
+
+@InProceedings{bernstein-2006:curve25519,
+ author = "Daniel J. Bernstein",
+ title = "Curve25519: New Diffie-Hellman Speed Records",
+ booktitle = "Public Key Cryptography - {PKC} 2006, 9th International
+ Conference on Theory and Practice of Public-Key
+ Cryptography, New York, NY, USA, April 24-26, 2006,
+ Proceedings",
+ year = 2006,
+ pages = "207--228",
+ crossref = "DBLP:conf/pkc/2006",
+ url = "https://cr.yp.to/papers.html#curve25519",
+ doi = "10.1007/11745853_14",
+ timestamp = "Tue, 30 May 2017 16:36:52 +0200",
+ biburl = "http://dblp.uni-trier.de/rec/bib/conf/pkc/Bernstein06",
+ bibsource = "dblp computer science bibliography, http://dblp.org"
+}
+
+@InProceedings{borisov-2004:off-the-record,
+ author = "Nikita Borisov and Ian Goldberg and Eric A. Brewer",
+ title = "Off-the-record communication, or, why not to use PGP",
+ booktitle = "WPES",
+ year = 2004,
+ pages = "77--84",
+ ee = "http://doi.acm.org/10.1145/1029179.1029200",
+ url = "http://www.cypherpunks.ca/otr/otr-wpes.pdf",
+ crossref = "DBLP:conf/wpes/2004",
+ bibsource = "DBLP, http://dblp.uni-trier.de"
+}
+
+@InProceedings{brassard-crepeau-1989:sorting-zero-knowledge,
+ author = "Gilles Brassard and Claude Crepeau",
+ title = "Sorting out Zero-Knowledge",
+ booktitle = "Theory and Application of Cryptographic Techniques",
+ year = 1989,
+ pages = "181--191",
+ url = "http://citeseer.nj.nec.com/brassard90sorting.html"
+}
+
+@TechReport{canetti-2001:universally-composable-security,
+ author = "Ran Canetti",
+ title = "Universally Composable Security: {A} New Paradigm for
+ Cryptographic Protocols",
+ institution = "Cryptology {ePrint} Archive",
+ year = 2001,
+ type = "Report",
+ number = "2000/067",
+ month = oct,
+ note = "Extended Abstract appeared in proceedings of the 42nd
+ Symposium on Foundations of Computer Science (FOCS), 2001",
+ annote = "Revised version of \cite{Canetti:2000:SCM}.",
+ added-by = "sti",
+ url = "http://eprint.iacr.org/2000/067",
+ abstract = "We propose a new paradigm for defining security of
+ cryptographic protocols, called {\sf universally
+ composable security.} The salient property of universally
+ composable definitions of security is that they guarantee
+ security even when a secure protocol is composed with an
+ arbitrary set of protocols, or more generally when the
+ protocol is used as a component of an arbitrary
+ system. This is an essential property for maintaining
+ security of cryptographic protocols in complex and
+ unpredictable environments such as the Internet. In
+ particular, universally composable definitions guarantee
+ security even when an unbounded number of protocol
+ instances are executed concurrently in an adversarially
+ controlled manner, they guarantee non-malleability with
+ respect to arbitrary protocols, and more. We show how to
+ formulate universally composable definitions of security
+ for practically any cryptographic task. Furthermore, we
+ demonstrate that practically any such definition can be
+ realized using known general techniques, as long as only a
+ minority of the participants are corrupted. We then
+ proceed to formulate universally composable definitions of
+ a wide array of cryptographic tasks, including
+ authenticated and secure communication, key-exchange,
+ public-key encryption, signature, commitment, oblivious
+ transfer, zero-knowledge, and more. We also make initial
+ steps towards studying the realizability of the proposed
+ definitions in other natural settings.",
+ keywords = "foundations / cryptographic protocols, security analysis
+ of protocols, concurrent composition",
+ added-at = "Wed Oct 17 16:02:37 2001"
+}
+
+@Misc{certicom-2000:sec1,
+ author = "{Certicom Research}",
+ title = "Standards for Efficient Cryptography, {SEC} 1: {E}lliptic
+ curve cryptography, Version 1.0",
+ year = 2000,
+ url = "http://www.secg.org/download/aid-385/sec1_final.pdf"
+}
+
+@PhdThesis{daemen-1995:cipher-hash-design,
+ author = "Joan Daemen",
+ title = "Cipher and hash function design strategies based on linear
+ and differential cryptanalysis",
+ school = "K. U. Leuven",
+ year = 1995
+}
+
+@Manual{dworkin-2010:cbc-ciphertext-stealing,
+ title = "Recommendation for Block Cipher Modes of Operation: Three
+ Variants of Ciphertext Stealing for CBC Mode",
+ author = "Morris Dworkin",
+ organization = pub-NIST,
+ address = pub-NIST:adr,
+ month = oct,
+ year = 2010,
+ note = "Addendum to NIST Special Publication 800-38A",
+ pages = "iv + 7",
+ url = "http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf"
+}
+
+@Misc{ellis-1997:non-secret-encryption,
+ author = "James Ellis",
+ title = "The Story of Non-Secret Encryption",
+ howpublished = "CESG internal document",
+ month = dec,
+ year = 1997,
+ note = "Released internally in 1987.",
+ url = "http://www.jya.com/ellisdoc.htm"
+}
+
+@Misc{ferguson-2005:gcm-authn-weakness,
+ author = "Niels Ferguson",
+ title = "Authentication Weaknesses in {GCM}",
+ month = "May",
+ year = 2005,
+ note = "Public comment to NIST",
+ url = "http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/comments/CWC-GCM/Ferguson2.pdf"
+}
+
+@Misc{fisher-2000:storin-usenet,
+ author = "Matthew Fisher",
+ title = "Re: Yet another block cipher: {Storin}",